Saturday, November 26, 2011

Fun with SOCKS, IPv6 and SSH

This is fun stuff with both IPv6 and SOCKS. And ... the IPv6 is a side effect of the SOCKS ... ;-)

First some info on SOCKS: I thought SOCKS was just some old-skool proxy protocol on corporate networks. But I learned you can also use SOCKS (in ssh) to prevent spying by ISPs, governments and other third paries. Here's how:

You need an external SSH-server (which hopefully does IPv6). There are service providers that offer SSH-server functionality for 15 US$ per year(!). I got my VPS with SSH server from Hexxeh (http://vps.hexxeh.net/) for 5 US$ per month. A bit more expensive, but I wanted a VPS anyway and Hexxeh provides IPv6 (on request).

Now set up a super simple SOCKS proxy server on your Linux system (in my case Ubuntu):


You then need to fill out your password. If your logon is succesful, the local SOCKS proxy is running on port 1080, with its start point on your Linux machine, and its endpoint on the SSH server. So a loooong SOCKS proxy. ;-)
(Attention: stay logged on. As soon as you logout from the SSH session, the SOCKS proxy is gone.)

Now you can point your SOCKS enabled client to localhost and port 1080. I've done this for the webbrowser Chrome (see screendump), and I could browse the web. And suddenly my location had changed to the UK according to http://whatismyipaddress.com/ . And as Hexxeh provides IPv6 (on request), my IPv6 was working according to http://test-ipv6.com/ "Your IPv6 address on the public Internet appears to be 2001:41d0:2:bb58:...".

As my web traffic now goes through an SSH session, I'm quite sure it's encrypted, and it cannot be eavesdropped by my ISP.

Strangely enough, http://www.bbc.co.uk/iplayer/tv thinks I'm NOT in the UK. Maybe the BBC does blacklist IP addresses from (VPS) hosters ... :-(


EDIT: here is a command to check the SOCKS SSH tunnel:


$ sudo netstat -apon  | grep -i ssh | grep tcp
tcp        0      0 127.0.0.1:1080          0.0.0.0:*               LISTEN      8511/ssh         off (0.00/0/0)
tcp        0      0 192.168.1.53:44824      174.41.66.20:22       ESTABLISHED 8511/ssh         keepalive (5957.97/0/0)
tcp6       0      0 ::1:1080                :::*                    LISTEN      8511/ssh         off (0.00/0/0)
$




HTH


5 comments:

barteq said...

What is strange about BBC Player behaviour? It only allows connections from UK. Using socks proxy your traffic is routed via VPS, which is located in France. That's why you have French IP. Socks proxifies not only v6 traffic, but also v4 one. As a simple solution, you can add exception for some UK only sites.
It has also good side. Using UK based VPS (like evorack.com, which is cheap and provides native IPv6) I can use BBC Player too, being outside UK :)

Quirinius said...

nope, hexxeh is in the UK, not France.

humpy said...

Nano
RAM - 256MB
Disk - 20GB
Bandwidth - 125GB
IP addresses - 1 v4, 1 v6
OSes: Ubuntu/Debian/CentOS/Gentoo/Arch
VM Platform - Xen

Location - France

source - http://vps.hexxeh.net/

Quirinius said...

France? Ouch! Thanks.

bbc iplayer USA said...

Hi, you have interesting post! i'm definitely going to bookmark you! Thankyou for your info.bbc iplayer in the US